Filter
Top Products
Intel Desktop Boards D865GRH Product Guide
86
• Loss of Trusted Platform Module Ownership: Trusted Platform Module
Ownership/contents may be cleared (via a BIOS switch) to allow for the transfer of a system to
a new owner. If TPM ownership is cleared, either intentionally or in error, recovery procedures
may allow the migratable keys to be recovered and may restore access to encrypted data. Read
the Security Precautions for Emergency Recovery File Back Up Procedures.
• TPM Keys are Hierarchical: All TPM keys have a place within a hierarchy. Within this
hierarchy, keys must be loaded into the TPM before child keys can be used. It may not be
obvious that any particular key is child or parent. If a key is backed up but the parent key is
either not available or the password for the parent key is not available, the associated data will
not be available. Read the Security Precautions for Emergency Recovery File Back Up
Procedures.
Security Precautions
Security, like any other aspect of computer maintenance, requires planning. What is unique about
security has to do with understanding who are “friends” and who are adversaries. The TPM
provides mechanisms to enable the owner/user to protect their information from adversaries. To
provide this protection, the TPM effectively puts “locks” around the data. Just like physical locks,
if keys or combinations are lost, the assets (data) may be inaccessible not only to adversaries, but
also to asset the owner/user.
The TPM provides two classes of keys: migratable and non-migratable. Migratable keys are
designed to protect data that can be used (unencrypted) on more than one platform. This has the
advantage of allowing the key data to be replicated (backed-up and restored) to another platform.
This may be because of user convenience (someone uses more than one platform, or the data needs
to be available to more than one person operating on different platforms). This type of key also has
the advantage in that it can be backed-up and restored from a defective platform onto a new
platform. However, migratable keys may not be the appropriate level of protection (for example,
the user wants the data restricted to a single platform) needed for the application. This requires a
non-migratable key.
Non-migratable keys carry with them a usage deficit in that while the key may be backed-up and
restored (protected from hard disk failure), they are not protected against system or TPM failure.
The very nature of a non-migratable key is that they can be used on one and only one TPM. In the
event of a system or TPM failure, all non-migratable keys and the data associated with them will be
inaccessible and unrecoverable.
CAUTION
The following precautions and procedures may assist in recovering from any of the previously
listed situations. Failure to implement these security precautions and procedures may result in
unrecoverable data loss.